Centralized Automated Vault Solution

Delivering a reliable outcome for role-based access with automated rotating credentials and achieving 99.995% availability.

By
Rhonda O'Connor
July 29, 2020

Confidential Client

FORTUNE 500 / GLOBAL INSURANCE CO.

Achieved desired outcomes

Challenge

The client requested a long-term Amazon Web Services (AWS) cloud strategy which required a working, tested, proof of concept, and an implementation plan for role-based access that met specific security and performance criteria. The client explicitly requested:

  • Reusable, predictable, repeatable, and auditable deployment patterns for an agile-based delivery model,
  • Automated rotating credentials every N++ days
  • A high-availability architecture – all software-defined, all enterprise deployable

Solution

Working closely with the client, the Trility team provided multiple options and recommendations guiding early architecture iterations leading to the baseline proof of concept. As part of the implementation, Trility continued to work with the client's team members using HashiCorp’s Terraform to automate and deploy Vault. The system was set up in clusters to achieve high availability with the least amount of human interaction and was deployed throughout four environments: Learning, Development, Pre-Production, and Production.

Outcomes

  • Delivered proof of concept and early roadmapping
  • Seamless transition to integrated implementation teams comprised of both Trility and client teams
  • Built a centralized, automated Vault solution to enable the use of secret role-based access in automated pipelines
  • Achieved four nines (99.995% availability) 
  • Three environments – Development, Test, and Production – use this pattern
  • Provided mentoring on HashiCorp’s Terraform to achieve a repeatable and automated state

Reusable Patterns

  • Role-based access template for the enterprise cloud user base
  • Terraform deployment patterns used for coaching internal cloud engineering teams
  • Reusable enterprise Vault template serves every group in client's cloud (and more) for authorized based roles

Want to Automate Permissions?

If you need to refactor or automate permissions in a cloud, on-prem, or hybrid ecosystem, we can help you equip your people and your company to build better.

For this client, HashiCorp products were the ideal solution. Learn more about our partnership with HashiCorp or get in touch with us to navigate to a simplified, automated, secured solution.

Explore Insights

Read more articles from Trility’s team.

Cloud Engineering
DevOps
Software Design & Development
Continuous Delivery Method
Security by Design
Leadership
Our Work
Podcasts
News

Experience

Read summaries about projects Trility has delivered.

Cloud Engineering
DevOps
Software Design & Development

Let's Talk

Get in TouchJoin our team
What We DoSoftware Design & DevelopmentCloud EngineeringDevOps
Who We AreContinuous DeliverySecurity By Design

Careers

Life at TrilityCareer OpportunitiesVeterans
Insights

Partners

AWSHashiCorp

© 2023 Trility Consulting LLC℠ | 14001 University Ave. Suite 300 Clive, IA 50325 | (515) 650-5999

Trility LLC is a wholly owned subsidiary of Trility Group Holdings, Inc.

Verify Employment

|

Privacy Policy